<%-- 
    Document   : sale
    Created on : Dec 6, 2011, 4:20:13 AM
    Author     : Michael
--%>
<%@page import="java.util.Calendar"%>
<%@page import="java.util.Random"%>
<%@page import="java.sql.*"%>
<%@page import="java.util.Enumeration"%>
<%
    // Access gate: a session without the "LoggedIn" attribute is sent back to the
    // login page, and the early return keeps the rest of this page from running.
    final boolean authenticated = session.getAttribute("LoggedIn") != null;
    if (!authenticated) {
        response.sendRedirect("index.html");
        return;
    }
%>
<%
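    // Advertisement id that an earlier page may have left in the session; "" means
    // there is none. The attribute is looked up by its exact name: matching names
    // case-insensitively and then reading "AdID" would dereference null whenever
    // only a differently-cased attribute exists.
    String adID = "";
    Object pendingAdId = session.getAttribute("AdID");
    if (pendingAdId != null)
    {
        adID = pendingAdId.toString();
        // Consume the id so it is not carried over into a later request.
        session.removeAttribute("AdID");
    }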
    
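    // Saves the submitted advertisement: inserts a new row when adID names no existing
    // advertisement, otherwise updates that row. Redirects exactly once at the end:
    // AdvertisementList.jsp on success, employee.jsp on any failure.
    //
    // Every request-supplied value is bound as a statement parameter, never concatenated
    // into SQL text. Column names cannot be bound, so the UPDATE only ever uses the fixed
    // names below; AdvertisementID, Employee and Date are deliberately not editable, which
    // also stops a request from re-assigning an advertisement to another employee.
    //
    // NOTE(review): nothing visible here checks that the logged-in employee owns the
    // advertisement being updated, or that the request carries an anti-CSRF token.
    // Confirm both are enforced elsewhere (for example in a filter).
    final String[] editableColumns =
            { "ItemType", "Company", "ItemName", "Content", "UnitPrice", "AvailableUnits", "Active" };

    Connection conn = null;
    String redirectTarget = "employee.jsp"; // stays the failure page unless the save completes
    try
    {
        // One connection serves the whole request; it is closed in the finally block.
        conn = new DBClasses.GetConnection().getConnection();

        // An empty adID means there is nothing to edit, so no lookup is needed.
        boolean adExists = false;
        int existingId = -1;
        if (adID.trim().length() > 0)
        {
            existingId = Integer.parseInt(adID.trim());
            PreparedStatement lookup = conn.prepareStatement(
                    "SELECT AdvertisementID FROM advertisement WHERE AdvertisementID = ?");
            lookup.setInt(1, existingId);
            ResultSet found = lookup.executeQuery();
            adExists = found.next();
            found.close();
            lookup.close();
        }

        if (!adExists)
        {
            // Pick an id that is not in use yet. A single generator is used for the whole
            // loop: re-seeding from the clock on each pass would return the same candidate
            // until the millisecond changes.
            // NOTE(review): check-then-insert is not atomic; this presumably relies on a
            // primary/unique key on AdvertisementID to reject a concurrent duplicate.
            Random idSource = new Random();
            PreparedStatement idCheck = conn.prepareStatement(
                    "SELECT AdvertisementID FROM advertisement WHERE AdvertisementID = ?");
            int advertisementID;
            boolean taken;
            do
            {
                advertisementID = idSource.nextInt(1000000);
                idCheck.setInt(1, advertisementID);
                ResultSet clash = idCheck.executeQuery();
                taken = clash.next();
                clash.close();
            } while (taken);
            idCheck.close();

            PreparedStatement ps = conn.prepareStatement("INSERT INTO advertisement "
                    + "(AdvertisementID, Employee, ItemType, Date, Company, ItemName, Content, UnitPrice, AvailableUnits, Active)"
                    + " VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");

            ps.setInt(1, advertisementID);
            // The owning employee comes from the session, not from the request.
            ps.setInt(2, Integer.parseInt(session.getAttribute("EmployeeID").toString()));
            ps.setString(3, request.getParameter("ItemType"));
            ps.setDate(4, new java.sql.Date(System.currentTimeMillis()), Calendar.getInstance());
            ps.setString(5, request.getParameter("Company"));
            ps.setString(6, request.getParameter("ItemName"));
            // Content is filled from the "Content" field rather than a second copy of
            // "Company". NOTE(review): confirm the form posts a field with that name.
            ps.setString(7, request.getParameter("Content"));
            ps.setDouble(8, Double.parseDouble(request.getParameter("UnitPrice")));
            ps.setInt(9, Integer.parseInt(request.getParameter("AvailableUnits")));
            ps.setInt(10, Integer.parseInt(request.getParameter("Active")));

            ps.executeUpdate();
            ps.close();
        }
        else
        {
            // Build "col = ?, col = ?" from the allow-listed columns that were submitted.
            // Request parameters with any other name are ignored.
            StringBuilder sql = new StringBuilder("UPDATE advertisement SET ");
            int submitted = 0;
            for (int i = 0; i < editableColumns.length; i++)
            {
                if (request.getParameter(editableColumns[i]) != null)
                {
                    if (submitted > 0)
                    {
                        sql.append(", ");
                    }
                    sql.append(editableColumns[i]).append(" = ?");
                    submitted++;
                }
            }
            if (submitted == 0)
            {
                // Takes the failure path instead of sending a malformed statement.
                throw new IllegalArgumentException("no editable advertisement fields were submitted");
            }
            sql.append(" WHERE AdvertisementID = ?");

            PreparedStatement update = conn.prepareStatement(sql.toString());
            int slot = 1;
            // Bind in the same order the placeholders were appended, using the same Java
            // types as the INSERT path so malformed numbers are rejected before the query.
            for (int i = 0; i < editableColumns.length; i++)
            {
                String column = editableColumns[i];
                String value = request.getParameter(column);
                if (value == null)
                {
                    continue;
                }
                if ("UnitPrice".equals(column))
                {
                    update.setDouble(slot++, Double.parseDouble(value));
                }
                else if ("AvailableUnits".equals(column) || "Active".equals(column))
                {
                    update.setInt(slot++, Integer.parseInt(value));
                }
                else
                {
                    update.setString(slot++, value);
                }
            }
            update.setInt(slot, existingId);
            update.executeUpdate();
            update.close();
        }

        // Commit only after success, and only when the connection is not auto-committing
        // (an explicit commit in auto-commit mode is an error on some drivers).
        if (!conn.getAutoCommit())
        {
            conn.commit();
        }
        redirectTarget = "AdvertisementList.jsp";
    }
    catch (Exception e)
    {
        application.log("sale.jsp: saving the advertisement failed", e);
        // Discard partial work instead of committing it.
        if (conn != null)
        {
            try
            {
                if (!conn.getAutoCommit())
                {
                    conn.rollback();
                }
            }
            catch (SQLException rollbackFailure)
            {
                application.log("sale.jsp: rollback failed", rollbackFailure);
            }
        }
    }
    finally
    {
        // conn is null when the connection itself could not be obtained.
        if (conn != null)
        {
            try
            {
                conn.close();
            }
            catch (SQLException closeFailure)
            {
                application.log("sale.jsp: closing the connection failed", closeFailure);
            }
        }
    }

    // A single redirect: a second sendRedirect on an already committed response would
    // throw IllegalStateException.
    response.sendRedirect(redirectTarget);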
%>
<%@page contentType="text/html" pageEncoding="UTF-8"%>

